diff --git a/railties/lib/rails/welcome_controller.rb b/railties/lib/rails/welcome_controller.rb
index 5b84b57679..986c7c0a74 100644
--- a/railties/lib/rails/welcome_controller.rb
+++ b/railties/lib/rails/welcome_controller.rb
@@ -3,6 +3,7 @@
 require "rails/application_controller"
 
 class Rails::WelcomeController < Rails::ApplicationController # :nodoc:
+  skip_forgery_protection
   layout false
 
   def index
diff --git a/railties/test/application/routing_test.rb b/railties/test/application/routing_test.rb
index e76c74aaeb..420c8e5ad2 100644
--- a/railties/test/application/routing_test.rb
+++ b/railties/test/application/routing_test.rb
@@ -734,5 +734,18 @@ module ApplicationTests
       get "/url"
       assert_equal "/foo", last_response.body
     end
+
+    test "request to rails/welcome for api_only app is successful" do
+      add_to_config <<-RUBY
+        config.api_only = true
+        config.action_dispatch.show_exceptions = false
+        config.action_controller.allow_forgery_protection = true
+      RUBY
+
+      app "development"
+
+      get "/"
+      assert_equal 200, last_response.status
+    end
   end
 end